And to delay me from getting it back, they used my Apple account to wipe every one of my devices, my iPhone and iPad and MacBook, deleting all my messages and documents and every picture I’d ever taken of my 18-month-old daughter.

Hu? How does that work?

But apart from that I don't see how he says anything new or how time or technological progress has changed anything since 1993. Storing plain text passwords on servers is bad and these idiotic password-recovery-personal-questions are too, I have always filled them with random characters, even though I am not a celebrity with a public private life. Because, if you think of it, answered seriously, many of those questions have less answers and are easier to brute force than even the weakest passwords.

And I don't have any information online that I want to be protected, that I rely on to be protected. If you want to reset my online banking password I receive a new one in the mail. If it would be any other way I'd change my bank. You can of course break up my mail box on exactly the right day.

I also keep my "serious" and other more "playful" stuff strictly separated. You won't be able find the a link between my accounts on facebook and my bank.
I do use the same username and password on several sites, not for the "serious" stuff though.

The risk that remains is that administrators I do trust (work, bank, ...) do something stupid like storing plaintext passwords or creditcard numbers.

Search for the word “bank” to figure out where you do your online banking. I go there and click on the Forgot Password? link. I get the password reset and log in to your account, which I control. Now I own your checking account as well as your email.

maybe in stupid land but not in Germany. And thanks to TAN-Generators even if he got inside my bank account he would still be unable to do anything.

There are no 'forgot password' links. Every change has to be done by the local office.

Seriously, that guy? Idiot. They got from twitter to apple - how? Because he did something really stupid?_________________

AidanJT wrote:

Libertardian denial of reality is wholly unimpressive and unconvincing, and simply serves to demonstrate what a bunch of delusional fools they all are.

my bank here (hsbc) has annoying 2-factor authentication. They send you this little calculator and everytime you log in you have to generate a code with it. Thus, you would need to know the answer to my secret question (any moron could probably find that out) and you have to have the code generated by this machine.

my bank here (hsbc) has annoying 2-factor authentication. They send you this little calculator and everytime you log in you have to generate a code with it. Thus, you would need to know the answer to my secret question (any moron could probably find that out) and you have to have the code generated by this machine.

I'd much rather have something like that than what we have currently, which seems to be an implementation of the FTP2TF protocol (Fail To Plan Plan To Fail). The weak password is of course your choice / fault._________________lolgov. 'cause where we're going, you don't have civil liberties.